update-ubuntu-dependencies #68

	name: update-ubuntu-dependencies

	on:
	push:
	branches:
	- main
	schedule:
	- cron: '0 9 * * *' # Run daily at 9 AM UTC
	workflow_dispatch:

	# Add permissions needed to create a PR
	permissions:
	contents: write
	pull-requests: write

	jobs:
	update-dependencies-and-create-pr:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v5
	with:
	fetch-depth: 0

	- name: Run dependency update
	run: \|
	cd contrib/packaging/deb
	chmod +x update-dependencies.sh
	./update-dependencies.sh

	- name: Check for changes
	id: changes
	run: \|
	if git diff --quiet contrib/packaging/deb/package.sh; then
	echo "changed=false" >> $GITHUB_OUTPUT
	echo "No changes detected in dependencies"
	exit 0
	else
	echo "changed=true" >> $GITHUB_OUTPUT
	echo "Changes detected in dependencies:"
	git diff contrib/packaging/deb/package.sh
	fi

	- name: Create or update PR
	if: steps.changes.outputs.changed == 'true'
	uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	signoff: true
	commit-message: 'chore: update debian dependencies'
	title: 'chore: update debian dependencies'
	body: \|
	This PR updates the following dependencies to their latest versions:

	- finch-daemon
	- nerdctl
	- buildkit
	- soci-snapshotter
	- CNI plugins
	- cosign

	This is an automated update created by the dependency update workflow. Review the changes before approving.
	branch: update-ubuntu-dependencies
	delete-branch: true

Provide feedback